package jdbc;

import java.sql.*;

public class LoginDemo {
    public static void main(String[] args) {
        UserInfo userInfo = InputUtil.getInputObject(new UserInfo(), "欢迎登录", "登录");
        System.out.println(userInfo);

        try (Connection conn = DBUtil.getConnection()) {
//            Statement stmt = conn.createStatement();
//            String sql = "SELECT id,username,password,nickname,age "+
//                         "FROM userinfo "+
//                         "WHERE username = '"+userInfo.getUsername()+"' "+
//                         "AND password = '"+userInfo.getPassword()+"'";
//            ResultSet rs = stmt.executeQuery(sql);
            String sql = "SELECT id,username,password,nickname,age " +
                         "FROM userinfo " +
                         "WHERE username = ? " +
                         "AND password = ?";

            PreparedStatement pstmt = conn.prepareStatement(sql);
            pstmt.setString(1, userInfo.getUsername());
            pstmt.setString(2, userInfo.getPassword());

            ResultSet rs = pstmt.executeQuery();

            if (rs.next()) {
                System.out.println("登录成功");
            } else {
                System.out.println("登录失败");
            }


        } catch (SQLException e) {
            e.printStackTrace();
        }
    }
}
